- Stopped mountd from incorrectly logging an error (commit

9dd9b68c4c44f0d9102eb85ee2fa36a8b7f638e3)
- Stop gssd from ignoring the machine credential caches (commit
    46d439b17f22216ce8f9257a982c6ade5d1c5931)
- Fixed typo in the nfsstat command line arugments. (commit
    acf95d32a44fd8357c24e8a04ec53fc6900bfc58)
- Added test to stop buffer overflow in idmapd (commit
    bcd0fcaf0966c546da5043be700587f73174ae25)
This commit is contained in:
Steve Dickson 2008-03-03 16:22:08 +00:00
parent aa447acc7f
commit 4c886b7923
6 changed files with 153 additions and 4 deletions

View File

@ -0,0 +1,23 @@
commit 46d439b17f22216ce8f9257a982c6ade5d1c5931
Author: Vince Busam <vbusam@google.com>
Date: Tue Feb 26 13:04:52 2008 -0500
Stop gssd from ignoring the machine credential cache
defined by the -d flag
Signed-off-by: Steve Dickson <steved@redhat.com>
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
diff --git a/utils/gssd/krb5_util.c b/utils/gssd/krb5_util.c
index bf8690e..3cf27ca 100644
--- a/utils/gssd/krb5_util.c
+++ b/utils/gssd/krb5_util.c
@@ -404,7 +404,7 @@ gssd_get_single_krb5_cred(krb5_context context,
cache_type = "FILE";
snprintf(cc_name, sizeof(cc_name), "%s:%s/%s%s_%s",
cache_type,
- GSSD_DEFAULT_CRED_DIR, GSSD_DEFAULT_CRED_PREFIX,
+ ccachedir, GSSD_DEFAULT_CRED_PREFIX,
GSSD_DEFAULT_MACHINE_CRED_SUFFIX, ple->realm);
ple->endtime = my_creds.times.endtime;
if (ple->ccname != NULL)

View File

@ -0,0 +1,28 @@
commit bcd0fcaf0966c546da5043be700587f73174ae25
Author: NeilBrown <neilb@suse.de>
Date: Tue Feb 26 13:57:39 2008 -0500
If validateascii is passed a string containing only non-zero 7bit
values, then the loop with exit with i == len, and the following
test will access beyond the end of the array.
So add an extra test to fix this.
Found by Marcus Meissner <meissner@novell.com>.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
diff --git a/utils/idmapd/idmapd.c b/utils/idmapd/idmapd.c
index 355c6e1..6b5971c 100644
--- a/utils/idmapd/idmapd.c
+++ b/utils/idmapd/idmapd.c
@@ -848,7 +848,7 @@ validateascii(char *string, u_int32_t len)
return (-1);
}
- if (string[i] != '\0')
+ if ((i >= len) || string[i] != '\0')
return (-1);
return (i + 1);

View File

@ -0,0 +1,58 @@
commit 9dd9b68c4c44f0d9102eb85ee2fa36a8b7f638e3
Author: Harshula Jayasuriya <harshula@sgi.com>
Date: Tue Feb 12 16:13:25 2008 -0500
In mountd, if get_exportlist() (utils/mountd/mountd.c) returns NULL it
should not be considered a failure. It just means that there are no
exports on the system.
The practical problem with the current code is that a showmount -e
results in a syslog message from mountd that looks like:
rpc.mountd: export request from 10.250.100.2 failed.
Reviewed-by: Greg Banks <gnb@sgi.com>
Signed-off-by: Harshula Jayasuriya <harshula@sgi.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
diff --git a/utils/mountd/mountd.c b/utils/mountd/mountd.c
index 4a50588..63d5ce1 100644
--- a/utils/mountd/mountd.c
+++ b/utils/mountd/mountd.c
@@ -203,9 +203,8 @@ mount_dump_1_svc(struct svc_req *rqstp, void *argp, mountlist *res)
struct sockaddr_in *addr =
(struct sockaddr_in *) svc_getcaller(rqstp->rq_xprt);
- if ((*res = mountlist_list()) == NULL)
- xlog(L_WARNING, "dump request from %s failed.",
- inet_ntoa(addr->sin_addr));
+ xlog(D_CALL, "dump request from %s.", inet_ntoa(addr->sin_addr));
+ *res = mountlist_list();
return 1;
}
@@ -254,9 +253,8 @@ mount_export_1_svc(struct svc_req *rqstp, void *argp, exports *resp)
struct sockaddr_in *addr =
(struct sockaddr_in *) svc_getcaller(rqstp->rq_xprt);
- if ((*resp = get_exportlist()) == NULL)
- xlog(L_WARNING, "export request from %s failed.",
- inet_ntoa(addr->sin_addr));
+ xlog(D_CALL, "export request from %s.", inet_ntoa(addr->sin_addr));
+ *resp = get_exportlist();
return 1;
}
@@ -267,9 +265,9 @@ mount_exportall_1_svc(struct svc_req *rqstp, void *argp, exports *resp)
struct sockaddr_in *addr =
(struct sockaddr_in *) svc_getcaller(rqstp->rq_xprt);
- if ((*resp = get_exportlist()) == NULL)
- xlog(L_WARNING, "exportall request from %s failed.",
- inet_ntoa(addr->sin_addr));
+ xlog(D_CALL, "exportall request from %s.", inet_ntoa(addr->sin_addr));
+ *resp = get_exportlist();
+
return 1;
}

View File

@ -0,0 +1,21 @@
commit acf95d32a44fd8357c24e8a04ec53fc6900bfc58
Author: Peng Haitao <penght@cn.fujitsu.com>
Date: Tue Feb 26 13:52:18 2008 -0500
Fixed typo in the nfsstat command line arugments.
Signed-off-by: Steve Dickson <steved@redhat.com>
diff --git a/utils/nfsstat/nfsstat.c b/utils/nfsstat/nfsstat.c
index 828119b..ed8cfc8 100644
--- a/utils/nfsstat/nfsstat.c
+++ b/utils/nfsstat/nfsstat.c
@@ -237,7 +237,7 @@ static struct option longopts[] =
{ "all", 0, 0, 'v' },
{ "auto", 0, 0, '\3' },
{ "client", 0, 0, 'c' },
- { "mounts", 0, 0, 'm' },
+ { "mounted", 0, 0, 'm' },
{ "nfs", 0, 0, 'n' },
{ "rpc", 0, 0, 'r' },
{ "server", 0, 0, 's' },

View File

@ -2,7 +2,7 @@ Summary: NFS utilities and supporting clients and daemons for the kernel NFS ser
Name: nfs-utils Name: nfs-utils
URL: http://sourceforge.net/projects/nfs URL: http://sourceforge.net/projects/nfs
Version: 1.1.1 Version: 1.1.1
Release: 4%{?dist} Release: 5%{?dist}
Epoch: 1 Epoch: 1
# group all 32bit related archs # group all 32bit related archs
@ -45,6 +45,10 @@ Patch104: nfs-utils-1.1.1-xlog-valist.patch
Patch105: nfs-utils-1.1.1-mountd-crossmnt.patch Patch105: nfs-utils-1.1.1-mountd-crossmnt.patch
Patch106: nfs-utils-1.1.1-mount-relatime.patch Patch106: nfs-utils-1.1.1-mount-relatime.patch
Patch107: nfs-utils-1.1.1-mountd-crossmnt-cleanup.patch Patch107: nfs-utils-1.1.1-mountd-crossmnt-cleanup.patch
Patch108: nfs-utils-1.1.1-mountd-exportlist.patch
Patch109: nfs-utils-1.1.1-gssd-mcred.patch
Patch110: nfs-utils-1.1.1-nfsstat-cmdline.patch
Patch111: nfs-utils-1.1.1-idmapd-validasc.patch
Group: System Environment/Daemons Group: System Environment/Daemons
Provides: exportfs = %{epoch}:%{version}-%{release} Provides: exportfs = %{epoch}:%{version}-%{release}
@ -114,6 +118,10 @@ This package also contains the mount.nfs and umount.nfs program.
%patch105 -p1 %patch105 -p1
%patch106 -p1 %patch106 -p1
%patch107 -p1 %patch107 -p1
%patch108 -p1
%patch109 -p1
%patch110 -p1
%patch111 -p1
# Remove .orig files # Remove .orig files
find . -name "*.orig" | xargs rm -f find . -name "*.orig" | xargs rm -f
@ -277,6 +285,16 @@ fi
%attr(4755,root,root) /sbin/umount.nfs4 %attr(4755,root,root) /sbin/umount.nfs4
%changelog %changelog
* Mon Mar 3 2008 Steve Dickson <steved@redhat.com> 1.1.1-5
- Stopped mountd from incorrectly logging an error
(commit 9dd9b68c4c44f0d9102eb85ee2fa36a8b7f638e3)
- Stop gssd from ignoring the machine credential caches
(commit 46d439b17f22216ce8f9257a982c6ade5d1c5931)
- Fixed typo in the nfsstat command line arugments.
(commit acf95d32a44fd8357c24e8a04ec53fc6900bfc58)
- Added test to stop buffer overflow in idmapd
(commit bcd0fcaf0966c546da5043be700587f73174ae25)
* Sat Feb 9 2008 Steve Dickson <steved@redhat.com> 1.1.1-4 * Sat Feb 9 2008 Steve Dickson <steved@redhat.com> 1.1.1-4
- Cleaned up some typos that were found in the various - Cleaned up some typos that were found in the various
places in the mountd code places in the mountd code

View File

@ -53,11 +53,12 @@ fi
start() { start() {
if [ ! -f /var/lock/subsys/nfslock ]; then if [ ! -f /var/lock/subsys/nfslock ]; then
# Start daemons.
if [ "$USERLAND_LOCKD" ]; then
# Make sure locks are recovered # Make sure locks are recovered
rm -f /var/run/sm-notify.pid rm -f /var/run/sm-notify.pid
# Start daemons.
if [ "$USERLAND_LOCKD" ]; then
echo -n $"Starting NFS locking: " echo -n $"Starting NFS locking: "
daemon rpc.lockd daemon rpc.lockd
echo echo